Date: Fri, 17 Feb 2012 07:14:21 -0800 From: Freddie Cash <fjwcash@gmail.com> To: Alexander Leidinger <Alexander@leidinger.net> Cc: freebsd-stable@freebsd.org Subject: Re: Custom kernel poll summary (was: Re: Reducing the need to compile a custom kernel) Message-ID: <CAOjFWZ5z5q68BnRJ49P8wn89GZR_4_bz9WPjByQxbLJzUa8rZQ@mail.gmail.com> In-Reply-To: <20120217122110.Horde.6XSicpjmRSRPPjgmMlJAECA@webmail.leidinger.net> References: <20120210145604.Horde.ewjpSpjmRSRPNSH0YRHxgAk@webmail.leidinger.net> <20120214123755.Horde.WkLNcJjmRSRPOkeTw7bUClA@webmail.leidinger.net> <20120215014738.O95093@sola.nimnet.asn.au> <CAOjFWZ6f5QtGY7pVVBgHj%2BxhSJ_QARKPaOjq=ZnfxVz4V-gDGQ@mail.gmail.com> <20120217122110.Horde.6XSicpjmRSRPPjgmMlJAECA@webmail.leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Feb 17, 2012 at 3:21 AM, Alexander Leidinger <Alexander@leidinger.net> wrote: > Quoting Freddie Cash <fjwcash@gmail.com> (from Tue, 14 Feb 2012 08:26:54 > -0800): > >> On Tue, Feb 14, 2012 at 7:43 AM, Ian Smith <smithi@nimnet.asn.au> wrote: >>> >>> On Tue, 14 Feb 2012 2:37:55 +0100, Alexander Leidinger wrote: >>> > 1 IPSTEALTH -> changes ipfw module only? >>> >>> I don't think this is specific to ipfw. From /sys/conf/NOTES: >>> >>> # IPSTEALTH enables code to support stealth forwarding (i.e., forwarding >>> # packets without touching the TTL). This can be useful to hide >>> firewalls >>> # from traceroute and similar tools. >>> >>> But can it be disabled once added to kernel? It's no good as a default. >> >> >> It's controllable via sysctl once it's compiled into the kernel. If >> it's not compiled into the kernel, then the sysctl doesn't exist. > > > Is it the following? > net.inet.ip.stealth=0 Yeah, that's the one. -- Freddie Cash fjwcash@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOjFWZ5z5q68BnRJ49P8wn89GZR_4_bz9WPjByQxbLJzUa8rZQ>